The Ubuntu Forums have been hacked, with attackers grabbing data from more than 1.8 million users accounts.

‘Ubuntu One and Launchpad are not affected by the breach’

‘Every user’s local username, password, and email address [were stolen] from the Ubuntu Forums database’ Canonical say in a statement posted on the website, adding that while the ‘passwords (stolen) are not stored in plain text’ those who use the same password on other services should ‘change the password on the other service[s] ASAP.’

While data from the Forums has been compromised they stress that other services, such as Ubuntu One and Launchpad, ‘are not affected by the breach’.

Timeline

Reports of the forums being ‘defaced’ surfaced on late Saturday (July 20th). The main page was redirected to that of an image touting a twitter account – @Spuntn1k_ – and text that read: “You dun goofed, it’s as simple as that”.

Early Twitter accounts of the hack say that an unspecified music track was also played when accessing the homepage.

The Ubuntu Forum homepage was replaced with this image

So how did this happen? That’s the question Canonical will be trying to find out as soon as possible.

‘The forum was running an outdated version of vBulletin [without] admin panel protection’

Security blog Sucuri suggest that the hack may have been achieved due to lax protection on the backend. According to an un-named source they’ve been told that the forum was running an outdated version of vBulletin that ‘didn’t have the admin panel protected’.

Canonical has since redressed the breach, replacing the image with an announcement on what happened so far.